Application Inspector Report


Overview

Welcome to the Microsoft Application Inspector Report. This report represents the analysis results for the specified source code. It contains features identified from a large variety of common characteristics including security and privacy characteristics, and other attributes to answer the question 'What is in the code?'. The tool can help validate purported component objectives using identifying patterns as well as detect feature changes between software component versions and even be used in automation scenarios.

Why it's different

Knowing what is in your software is the first step to making informed choices about what actions are appropriate before allowing it to be include as part of your application in customer environments. Unlike a typical source code static analyzer, Application Inspector is judgement free, focusing instead on helping inform security and other scenarios by surfacing details that might otherwise go unnoticed.

Application Inspector Functions

Analyze Scan source files for characteristics
Tag Diff Compare identified tags (features) between source versions or components
Tag Test Test source files for the presence of specific tag identifiers
Tags Export Tags
Verify Verify rules structure

Report Contents

Feature are identified as "tags" found in the rule definitions which are customizable JSON files found under the 'rules' folder. Many characteristics are simply reported as "meta-data" which are not features in the code per se but are other attributes about the source that were detected which can be found in the Summary section.
For more information, please visit our GitHub page to review the Application Inspector user guide, documentation, and source code.

Report Summary

Project Info

Name
Version
Description
Folder
Author(s)
Analyzed

Metadata

Application targets or packaging detected.


Characteristic Detected Value(s)
Application Types
Package Types
Output Types
File Types adoc cmd config Extension factories git-authors gitignore importorder imports java json lst md MF Processor properties sh sql txt xml yaml yml
OS Targets
CPU Targets

Tags List View

A list view of the unique tags found and matching rule. Select a tag on the left then select the rule name link shown on the right to view the source code location of the match. See the Features menu for an alternative grouped illustration of the major features detected.


Unique Tags Detected (25)

Associated Rules

Name (click rule to view source excerpt)
Hint: Select feature on left

Tag Counters

Tags found that are identified as Metric related matches and therefore counted but not included in detailed results.


Rule Tag Count
Metric.Code.Exception.Caught 121
Metric.Code.Function.Defined 2
Metric.Code.URL 3
Metric.Code.Logging.Call 212

Application Features

View key characteristics organized by Feature Groups. Click any active icon below or expand a feature group to view additional details. A disabled icon indicates a 'not found' status. Click a Rule name on the right to view where a specific feature was found in code. The full set of identified features can be found under the Summary menu. To see all occurences of each feature, choose a different report format and use the -d option.

Feature Groups

 Select Features
 Cloud Services
 Cookie Attributes
 Databases
 Development
 Device Permissions
 General Features
 Miscellenous
 OS Integration
 OS System Changes
 Pipeline Tools
 Session Headers
 Sensitive Data
 Web App Features

Associated Rules

Name (click rule to view source excerpt)
Hint: Select feature on left